The business world is talking about the importance of the General Data Protection Regulation (or the GDPR), but few companies really understand the implications of non-compliance. We believe it's our role to help educate organisations about the actions they need to take to ensure they are GDPR compliant.
Here we cover the alignment between the Hollaroo vision and GDPR, which is why deploying a Hollaroo solution is such a positive way to achieve compliance.
The Hollaroo vision
Hollaroo was founded in 2009 to create a platform that used social networking principles to enable organisations to connect with multiple external communities, thereby getting access to people, knowledge and opportunities. For recruitment we wanted to help organisations move beyond incredibly wasteful, job-driven processes to a more pro-actiive and efficient way to hire great talent.
For candidates, we wanted to make the relationship with the organisation interactive, give candidates control over the way in which they engage and support people not ready to enter the active application process. Our goal is a fantastic candidate experience, especially for passive candidates, that is more aligned with modern consumer expectations than the one-way "black hole" experience that is so common today.
Although built before GDPR was even on the horizon, the Hollaroo platform aligns with GDPR core principles of privacy by design, lawful processing and individual rights. GDPR is about giving users control over their data and Hollaroo is about giving candidates control over their experience - a perfect fit!
Privacy by design
With more than 40 years of experience in developing enterprise technology, the Hollaroo development team started with a solid, secure architecture. We then layered on top of that a flexible granular security layer that gives our clients fine control over privacy and confidentiality based on a user's relationship to the organisation. Although it often deals with publicly available information, recruitment is a sensitive process. Bringing the relationship into a private space, where the organisation has control over the experience allows trust to be developed.
The GDPR regulations not only require data to be stored in a secure environment but also that organisations have control over access to the data and an audit of activity so that any suspicious can be identified. Hollaroo security and comprehensive audit capabilities meet these requirements.
Lawful processing of data
The starting point for entry by candidates into a Hollaroo system is an active acceptance of an invitation with associated review of consent, privacy and terms of service. Until this consent is obtained a candidate is not visible within the system. This applies no matter what channel was used to identify the candidate, whether it be a referral, recruiter search activities or recycling of talent out of your applicant tracking system. The consent is recorded in the system and can be renewed (or withdrawn) at any point.
The GDPR identifies six legal bases for lawful processing. Although other bases can cover the processing of an active application it is clear that explicit consent is the only basis for processing a candidate's data for the purpose of recruitment marketing. The Hollaroo invitation acceptance process manages this no matter what the source of candidate.
We recognise that your talent pool is not a monolithic block and covers a whole spectrum of people from completely passive "lurkers" to individuals that would like to talk to a recruiter right now. To support this, candidates in a Hollaroo system have total control over their experience from the data they provide to the level and type of content they interact with. They can change things at any point and decide how and when to engage. If they want they can export their data or withdraw their consent - and these processes can be entirely automated.
The GDPR gives individuals rights to view, amend, export and delete their data at any point and organisations have very tight timescales to comply. Because of the publicity about these rights, and the rapidly increasing understanding of the value/threat of personal data, it is likely that there will be a substantial increase in requests from candidates. Organisations need to prepare for this. Bringing passive candidate data into a Hollaroo system allows these request to be processed quickly and easily - often by the candidates themselves!
Concerned about GDPR? We can help!
Get in touch to learn more about our easy to implement solutions or talk to our network of GDPR experts
Complete and submit this form and we'll get back to you as quickly as we can.